Pub. 8 2013-2014 Issue 3

www.nebankers.org 18 Extraordinary Service for Extraordinary Members. C omputers can automate transactions andmake things very convenient for banks and customers. Electronic scam- mers from around the world also are taking advantage of the convenience a bank provides to its customers. These electronic thieves obtain login creden- tials by using viruses and spyware to infiltrate your customers’ unprotected computers and then impersonate your customers to steal from their accounts. Below is one of many incidents that are happening almost daily. A bank customer reported three, large unauthorized debits to his ac- count in the previous two days totaling more than $400,000. The bank looked at the transactions and explained that the three debits were for ACH payroll transactions the customer had initiated through his internet banking account. The customer explained that his com- puter had malfunctioned and had not even been turned on for the past week. He also explained that he had taken the computer to get it cleaned from viruses the previous month. Upon investigation, the bank found that someone using the customer’s login credentials had logged in to the internet banking site the prior month from a computer that appeared to use an internet provider in Brooklyn, New York, and had authorized that IP ad- dress as a new additional authorized IP address for the customer. Then over a two-day period about a month later, someone had again used the customer’s login credentials to log in from that same IP address and had initiated the three fraudulent ACH payroll transactions. The ACH transac- tions resulted in the customer’s account being debited for more than $400,000 and credits to 80 different person’s ac- counts in 35 different banks across the U.S. in amounts ranging from $4,000 to $7,000 each. The bank attempted to reverse the ACH transactions, but only was able to recover funds from 12 of the accounts totaling approximately $60,000. The bank suffered a net loss of more than $350,000. Some of the more cooperative re- cipients of the funds explained that they had each responded to an ad on the web or in an email for a “New Part- Time Job Opening” working as an “FS Agent” for just a few hours each day. The ad said most transactions will be finalized by 2:00 p.m. Further, the job offered a one-month paid train- ing period and promised $45,000 to $75,000 a year in pay. The recipients were required to provide detailed in- formation, IDs, and other information similar to what an employee would provide to a legitimate employer. The recipients also were required to pro- vide their bank account information. Then the recipients were told they would receive funds in their bank ac- count and they were to send the funds by Western Union and MoneyGram to foreign countries. They would re- ceive a $250 fee for each transaction and a $100 bonus if they could have the money sent within two hours of receipt. The people behind this scam are located in other countries and they exploit flaws in customers’ computer protection together with the ACH sys- tem to steal money. Then they spread it to multiple places where these “em- ployees,” hired over the internet, send the funds in increments of less than $2,000 at a time by Western Union and MoneyGram out of the country to various recipients. Additional crooks have copied this scam, so the scam is coming from many different places and in various forms. This scam is being repeated over and over again against various busi- nesses that have had their computers taken over and login credentials com- promised. Losses often range between security officer’s by-word Compromised Computer Results in Internet ACH Fraud Charles M. Towle , Senior Vice President, Kansas Bankers Surety Co.